CDK Global 15,000 Customers And AT&T 109 Million Customer Data Breaches

A few weeks ago, I took my truck in for an oil change, only to discover that their computer systems were down due to a cyberattack. I immediately offered to help clean up and assist with implementing new security policies. Still, as it turns out, the attack was related to the software application provided by CDK Global, impacting over 15,000 car dealerships nationwide. According to a CNN business article by Sean Lyngas published on July 11, 2024, the attackers, known as BlackSuit, demanded a $25 million ransom.

These cybercriminals, identified as a new ransomware group called BlackSuit, are believed to be linked to Russian and European hacking groups. Their encryption techniques and targets share similarities with the Royal Ransomware group. They are known for targeting organizations of various sizes and using Windows and Linux systems and VMware ESXi servers.

Unfortunately, companies have to pay high ransoms. Everyone feels the impact, leading to increased cyber insurance costs, service prices, and preventive measures. It should be noted that in the fourth quarter of 2023, the average ransomware payment was $568,705.

It's crucial to remember that you no longer have a choice in this matter. Working with companies like ICS to fortify your systems is essential to minimize the risk of ransomware attacks. Empowering your employees with consistent cyber-attack training and reinforcing your cybersecurity policies is imperative. Additionally, all entry points into your data, whether on vendor or customer portals, must be rigorously secured.

109 million AT&T Customers Breach – Yes! It has happened again.

On July 12, 2024, it was reported that an extensive data breach had impacted nearly all of AT&T's 109 million customer accounts. The breach, which has been ongoing since at least January 2023, has led to the unauthorized access of customers' private information, including social security numbers, names, financial details, and records of calls and texts.

This breach represents a significant national security concern, prompting immediate involvement from government entities such as Homeland Security and the Federal Bureau of Investigation. AT&T has pledged to contact all affected customers in response to these events, offering support and complimentary identity theft credit monitoring services.

The potential risks associated with this breach are serious. The stolen information is susceptible to identity theft, smishing, and phishing attempts. To mitigate these risks, it is advisable for individuals to use a VPN, when possible, secure their accounts with a minimum 15-digit passcode, and activate multifactor authentication.

It's crucial for any impacted AT&T customers to remain vigilant and take proactive steps to secure their personal information. With the onset of AI, know that these bad actors are relentless. They only have to get it right once; you must always protect yourself.